Document when a session gets removed from cache

Document the fact that if a session is not closed down cleanly then the session gets removed from the cache and marked as non-resumable. Fixes #4720 Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/6053)
author: Matt Caswell <matt@openssl.org> 2018-04-23 11:23:43 +0100
committer: Matt Caswell <matt@openssl.org> 2018-04-24 09:23:23 +0100
commit: 4753ad858c299a34815988907989c98d5285e57e (patch)
tree: 861f661c68097aa6e8f5d69de669e6df3453d55c
parent: 22eb2d1c80ff511985c0b32a6f4699c3a062311b (diff)
download: openssl-4753ad858c299a34815988907989c98d5285e57e.zip
openssl-4753ad858c299a34815988907989c98d5285e57e.tar.gz
openssl-4753ad858c299a34815988907989c98d5285e57e.tar.bz2
1 files changed, 5 insertions, 0 deletions
diff --git a/doc/man3/SSL_get_session.pod b/doc/man3/SSL_get_session.pod
index b2e92af..7ed6353 100644
--- a/doc/man3/SSL_get_session.pod
+++ b/doc/man3/SSL_get_session.pod
@@ -48,6 +48,11 @@ SSL_SESSION object that cannot be used for resumption in TLSv1.3. It also
 enables applications to obtain information about all sessions sent by the
 server.
 
+A session will be automatically removed from the session cache and marked as
+non-resumable if the connection is not closed down cleanly, e.g. if a fatal
+error occurs on the connection or L<SSL_shutdown(3)> is not called prior to
+L<SSL_free(3)>.
+
 In TLSv1.3 it is recommended that each SSL_SESSION object is only used for
 resumption once.
author	Matt Caswell <matt@openssl.org>	2018-04-23 11:23:43 +0100
committer	Matt Caswell <matt@openssl.org>	2018-04-24 09:23:23 +0100
commit	4753ad858c299a34815988907989c98d5285e57e (patch)
tree	861f661c68097aa6e8f5d69de669e6df3453d55c
parent	22eb2d1c80ff511985c0b32a6f4699c3a062311b (diff)
download	openssl-4753ad858c299a34815988907989c98d5285e57e.zip openssl-4753ad858c299a34815988907989c98d5285e57e.tar.gz openssl-4753ad858c299a34815988907989c98d5285e57e.tar.bz2